 h00die
|
3209fdc937
|
remove old file
|
2025-11-17 19:03:55 -05:00 |
|
|
h00die
|
7c8fbd1672
|
rework windows service persistence
|
2025-11-17 19:02:54 -05:00 |
|
|
h00die
|
a0222d0783
|
rework windows service persistence
|
2025-11-17 19:02:53 -05:00 |
|
|
h00die
|
1ad89ef1ef
|
rewriting service
|
2025-11-17 19:02:53 -05:00 |
|
|
h00die
|
06f5c89bf4
|
throw this away
|
2025-11-17 19:02:53 -05:00 |
|
|
h00die
|
8c211b4d4a
|
fix sc commands in windows service persistence
|
2025-11-17 19:02:53 -05:00 |
|
|
h00die
|
450e1df340
|
windows service now with persistence mixin
|
2025-11-17 19:02:50 -05:00 |
|
|
Diego Ledda
|
c007d3a89f
|
Merge pull request #20674 from msutovsky-r7/exploit/win/cve-2025-59287
Adds module for unauthenticated deserialization in WSUS (CVE-2025-59287)
|
2025-11-12 12:40:32 +01:00 |
|
|
Diego Ledda
|
29088b4712
|
Merge pull request #20576 from msutovsky-r7/modules/persistence/linqpad_deserialization
Moves LINQPad module into persistence category
|
2025-11-11 16:41:12 +01:00 |
|
|
Martin Sutovsky
|
9058f6676b
|
Removes if condition
|
2025-11-11 11:22:31 +01:00 |
|
|
Martin Sutovsky
|
6aeb81a499
|
Adds MITRE reference, updates docs
|
2025-11-10 18:32:13 +01:00 |
|
|
Martin Sutovsky
|
fc434414d3
|
Randomizes XML paramater
|
2025-11-10 16:54:49 +01:00 |
|
|
Martin Sutovsky
|
5ea47e5ac3
|
Adds formatting to XML data, adds automatic plugin ID extraction
|
2025-11-06 16:46:58 +01:00 |
|
|
Martin Sutovsky
|
570c7c0bf4
|
Changes CheckCode to Detected
|
2025-11-06 16:21:42 +01:00 |
|
|
Martin Sutovsky
|
b0afe5e24b
|
Randomizes parameters that can be randomized
|
2025-11-06 15:06:30 +01:00 |
|
|
Martin Sutovsky
|
904e752662
|
Code refactor
|
2025-11-06 14:52:49 +01:00 |
|
|
Martin Sutovsky
|
cb0011649c
|
Adds SCREEN_EFFECTS to SideEffects
|
2025-11-06 14:50:31 +01:00 |
|
|
Martin Sutovsky
|
f586fff090
|
Adds clear message if exploit fails
|
2025-11-06 14:46:02 +01:00 |
|
|
Martin Sutovsky
|
5ad76f82d1
|
Adds more docs, adds description
|
2025-11-04 13:49:43 +01:00 |
|
|
Martin Sutovsky
|
f195ebd453
|
Code refactor
|
2025-11-04 13:36:33 +01:00 |
|
|
Martin Sutovsky
|
98467f3a21
|
Adds msf payload to module, adds docs
|
2025-11-04 12:28:03 +01:00 |
|
|
Martin Sutovsky
|
e885da1f0b
|
Add rce for wsus
|
2025-11-03 20:47:28 +01:00 |
|
|
Martin Sutovsky
|
96edf7bad4
|
Updates
|
2025-11-03 14:25:39 +01:00 |
|
|
msutovsky-r7
|
af5baeb3c6
|
Land #20660, adds windows task scheduler persistence module
Windows task scheduler persistence
|
2025-10-31 10:16:19 +01:00 |
|
|
msutovsky-r7
|
09f1d1ae57
|
Land #20650, adds module for NCR Command Center Agent unauthenticated RCE (CVE-2021-3122)
Add NCR Command Center Agent Unauthenticated RCE (CVE-2021-3122)
|
2025-10-30 08:26:42 +01:00 |
|
|
Martin Sutovsky
|
666e63f993
|
Rubocopes module
|
2025-10-30 07:43:32 +01:00 |
|
|
Martin Sutovsky
|
ee3058bf92
|
Removes moved_from
|
2025-10-29 15:14:29 +01:00 |
|
|
msutovsky-r7
|
56480df99f
|
Land #20662, adds windows startup folder persistence module
windows persistence: startup folder
|
2025-10-29 13:23:35 +01:00 |
|
|
h00die
|
34b630736a
|
Merge remote-tracking branch 'origin/windows_taskscheduler_persistence' into windows_taskscheduler_persistence
|
2025-10-29 05:22:55 -04:00 |
|
|
h00die
|
f03b32551a
|
Update modules/exploits/windows/persistence/task_scheduler.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-10-29 05:22:28 -04:00 |
|
|
h00die
|
b48215d9c1
|
Merge remote-tracking branch 'origin/windows_taskscheduler_persistence' into windows_taskscheduler_persistence
|
2025-10-29 05:21:45 -04:00 |
|
|
h00die
|
35f632bc85
|
windows persistence: task scheduler review
|
2025-10-29 05:20:57 -04:00 |
|
|
h00die
|
85fa7e0391
|
windows persistence: startup folder review
|
2025-10-29 05:18:20 -04:00 |
|
|
Martin Sutovsky
|
b167a2bc7d
|
Adds moved_from clause
|
2025-10-29 07:58:50 +01:00 |
|
|
Martin Sutovsky
|
44c3d9b5db
|
Fixes documentation, removes unused parameters, code cleanup
|
2025-10-29 07:58:47 +01:00 |
|
|
msutovsky-r7
|
65f764e8bc
|
Corrects CheckCode from Vulnerable to Appears
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
|
2025-10-29 07:57:20 +01:00 |
|
|
Martin Sutovsky
|
5bf842c15e
|
Moves module to persistence category, docs reformat
|
2025-10-29 07:57:19 +01:00 |
|
|
Martin Sutovsky
|
547b318848
|
Moves linqpad deserialization to persistence category
|
2025-10-29 07:56:49 +01:00 |
|
|
Muhammad Daffa
|
b98e66b744
|
Minor changes, code review from @msutovsky-r7
|
2025-10-29 13:18:17 +07:00 |
|
|
h00die
|
fd6d84df0f
|
Update modules/exploits/windows/persistence/task_scheduler.rb
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
|
2025-10-27 19:51:32 -04:00 |
|
|
h00die
|
fd04f465eb
|
windows persistence: startup folder
|
2025-10-27 15:35:52 -04:00 |
|
|
msutovsky-r7
|
d839a84a12
|
Land #20631, moves windows registry module into persistence category
update windows registry to persistence mixin
|
2025-10-27 14:57:48 +01:00 |
|
|
Muhammad Daffa
|
1b53604852
|
Code review changes from @msutovsky-r7
|
2025-10-27 17:19:11 +07:00 |
|
|
h00die
|
c210a897ac
|
windows persistence: task scheduler
|
2025-10-26 16:17:16 -04:00 |
|
|
Muhammad Daffa
|
b059a61d1b
|
Add ncr_cmcagent_rce module
|
2025-10-24 16:17:14 +07:00 |
|
|
h00die
|
0f26c9316a
|
registry persistence peer review
|
2025-10-23 17:44:22 -04:00 |
|
|
Martin Sutovsky
|
103e3d5044
|
Module init
|
2025-10-21 16:48:23 +02:00 |
|
|
h00die
|
ef9300870a
|
linqpad persistence cleanup
|
2025-10-19 10:05:48 -04:00 |
|
|
h00die
|
287cba7436
|
linqpad persistence cleanup
|
2025-10-19 10:05:36 -04:00 |
|
|
h00die
|
bc9bd4b62c
|
windows registry persistence mixin conversion
|
2025-10-19 09:36:59 -04:00 |
|